.png)
Insurance Office of America Data Breach Lawsuit Investigation
Shamis & Gentile P.A., one of the nation's premier class action law firms specializing in data breach cases, is investigating the Insurance Office of America (IOA) data breach.
If you were affected by the data breach, your sensitive personally identifiable information may have been exposed, and you may be eligible for compensation.
About Insurance Office of America (IOA)
Insurance Office of America (IOA) is the fourth largest privately held insurance brokerage in the United States. Founded in 1988 and headquartered in Longwood, Florida, IOA has grown to employ more than 1,200 people across over 60 offices in the U.S. and the United Kingdom.
IOA provides insurance and risk management solutions, including property and casualty, employee benefits and personal lines coverage. IOA reports managing over $1.9 billion in insurance premiums each year and is recognized for its steady, organic growth and commitment to client service.
What Happened?
On June 30, 2025, IOA discovered that internal systems had been affected by a security incident. The company launched an investigation with external cybersecurity experts.
The investigation determined that between June 25, 2025, and June 30, 2025, an unauthorized party gained access to IOA’s network through a phishing email attack. During this time, certain data stored on IOA’s systems may have been accessed or acquired by the unauthorized party.
After a review, IOA confirmed that personal information was involved. The breach was reported to the Maine Attorney General’s office on Jan. 16, 2026, and IOA began notifying affected individuals on the same day via written notice. The total number of people affected in the United States is 12,913, with 15 individuals impacted in Maine.
Additionally, a ransomware group known as DAIXIN Team claimed responsibility for the attack and posted about the breach on the dark web on July 2, 2025. They alleged they had obtained more than 100,000 internal documents from IOA.
Your Rights and Next Steps
If you received a notice from IOA or believe your information may have been compromised, there are important steps you can take to protect yourself:
- IOA is offering 24 months of complimentary credit monitoring services through Epiq. This includes credit monitoring, dark web monitoring, identity restoration assistance and up to $1 million in identity theft insurance.
- You have the right to obtain a free copy of your credit report from each of the nationwide credit reporting agencies once every 12 months.
- Consider placing a fraud alert or security freeze on your credit file. A fraud alert notifies potential creditors to verify your identity before extending credit. A security freeze restricts access to your credit report, making it more difficult for identity thieves to open new accounts in your name.
- Monitor your financial accounts and credit reports for any suspicious activity. If you notice unauthorized transactions or accounts, contact your financial institution and report the fraud immediately.
IOA has stated there is no indication of identity theft or fraud as a result of this incident so far, but staying vigilant is important. The written notice you received from IOA includes detailed instructions on enrolling in credit monitoring and additional resources for protecting your information.
You May Be Entitled to Compensation
If you were affected by the IOA data breach, you may be entitled to compensation for the exposure of your personal information. Lawyers are ready to help individuals whose data was compromised seek financial relief and hold responsible parties accountable. Compensation may cover out-of-pocket expenses, time spent addressing the breach, and other damages.
To find out if you qualify and to join a lawsuit, complete the below form.
.svg)